hi, iodine client 0.3.2, available at http://code.kryo.se/iodine/ , suffers from a stack-based buffer overflow vulnerability which could result in the execution of arbitrary code. A specially crafted dns response sent through an UDP packet can be used to exploit this issue. cheers -p